FAQ
Hi,
I'm trying to build a redundant duo of firewalls/routers/gateways and I'm
thinking about not putting any disks in them and instead using a usb-stick
raid-1 as storage.
Has anyone any experience with this? Since the machines will be running
pretty much only iptables, conntrackd and keepalived there is not going to
be a lot of disk activity going on and the plan is to do all the logging on
a remote machine which should reduce the write activity on the sticks to
almost zero during normal operation.

I've already created a fairly minimal kickstart for such an installation
but I'm wondering if there are any opinions out there on whether this is a
feasible approach or if there are any gotchas I'm not aware of.

Regards,
Dennis

Search Discussions

  • Cooleyr at Jul 22, 2011 at 4:33 am

    On Jul 21, 2011 8:27 AM, "Dennis Jacobfeuerborn" wrote:
    Hi,
    I'm trying to build a redundant duo of firewalls/routers/gateways and I'm
    thinking about not putting any disks in them and instead using a usb-stick
    raid-1 as storage.
    Has anyone any experience with this?
    I simply wouldn't build a system that is dependent on USB for the rootfs
    full-time, unless it's very unimportant. I've seen USB ports get disabled
    while in-use plenty of times. Instead, an ATA to CF or SD adapter can be
    had quite inexpensively.
    -------------- next part --------------
    An HTML attachment was scrubbed...
    URL: http://lists.centos.org/pipermail/centos/attachments/20110722/6d7bedfe/attachment.html
  • Ljubomir Ljubojevic at Jul 22, 2011 at 7:26 am

    cooleyr at gmail.com wrote:
    On Jul 21, 2011 8:27 AM, "Dennis Jacobfeuerborn" <dennisml at conversis.de
    wrote:
    Hi,
    I'm trying to build a redundant duo of firewalls/routers/gateways and I'm
    thinking about not putting any disks in them and instead using a usb-stick
    raid-1 as storage.
    Has anyone any experience with this?
    I simply wouldn't build a system that is dependent on USB for the rootfs
    full-time, unless it's very unimportant. I've seen USB ports get
    disabled while in-use plenty of times. Instead, an ATA to CF or SD
    adapter can be had quite inexpensively.
    There are DOM's, IDE Disk-On-Module.

    --

    Ljubomir Ljubojevic
    (Love is in the Air)
    PL Computers
    Serbia, Europe

    Google is the Mother, Google is the Father, and traceroute is your
    trusty Spiderman...
    StarOS, Mikrotik and CentOS/RHEL/Linux consultant
  • Peter Kjellström at Jul 22, 2011 at 5:07 am

    On Thursday, July 21, 2011 05:26:47 PM Dennis Jacobfeuerborn wrote:
    Hi,
    I'm trying to build a redundant duo of firewalls/routers/gateways and I'm
    thinking about not putting any disks in them and instead using a usb-stick
    raid-1 as storage.
    Has anyone any experience with this? Since the machines will be running
    pretty much only iptables, conntrackd and keepalived there is not going to
    be a lot of disk activity going on and the plan is to do all the logging on
    a remote machine which should reduce the write activity on the sticks to
    almost zero during normal operation.

    I've already created a fairly minimal kickstart for such an installation
    but I'm wondering if there are any opinions out there on whether this is a
    feasible approach or if there are any gotchas I'm not aware of.
    I/we have done this on a few systems with vanilla CentOS and no problems. Do
    note however that not all usb-sticks are the same (performance can vary _a
    lot_).

    /Peter
    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: not available
    Type: application/pgp-signature
    Size: 198 bytes
    Desc: This is a digitally signed message part.
    Url : http://lists.centos.org/pipermail/centos/attachments/20110722/b7f29fc3/attachment.bin

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcentos @
categoriescentos
postedJul 21, '11 at 11:26a
activeJul 22, '11 at 7:26a
posts4
users4
websitecentos.org
irc#centos

People

Translate

site design / logo © 2022 Grokbase